Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/A8168B4E0ADD11EC8109AE1EC4F9AE02.roa
File: A8168B4E0ADD11EC8109AE1EC4F9AE02.roa (raw, json)
Hash identifier: r8aIMnj2P08TnWwNGoh3dzTbxSP9iTeqf7EFgamq+ns=
Subject key identifier: 06:20:E3:BB:01:44:22:56:FB:13:7F:18:64:86:CA:E0:A4:07:FF:31
Certificate issuer: /CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7
Certificate serial: 0278
Authority key identifier: F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/A8168B4E0ADD11EC8109AE1EC4F9AE02.roa
Signing time: Fri 08 Jul 2022 16:51:23 +0000
ROA not before: Fri 08 Jul 2022 16:51:23 +0000
ROA not after: Thu 01 Dec 2022 00:00:00 +0000
asID: 146961
IP address blocks: 103.172.80.0/23 maxlen: 23
103.172.80.0/24 maxlen: 24
103.172.81.0/24 maxlen: 24
2001:df7:6680::/48 maxlen: 48
2400:8da0:ea00::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 632 (0x278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919DB2F/serialNumber=F9C3638059F864E84AE3BF50DAAC079C68463EA7
Validity
Not Before: Jul 8 16:51:23 2022 GMT
Not After : Dec 1 00:00:00 2022 GMT
Subject: CN=62c8608b-ee5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6f:5a:e8:81:01:18:6e:47:3e:ed:e8:44:fc:
a8:63:8c:dc:7a:f3:d8:50:b5:ec:be:7c:78:0a:b9:
22:7e:5e:57:1e:0e:17:be:dd:6d:20:25:e3:58:09:
85:c8:1e:9a:b9:21:11:67:ca:dc:28:77:99:58:94:
8d:fb:d8:87:d1:cf:cc:e8:c1:26:76:dc:48:46:80:
55:96:d8:99:49:6a:b4:4f:8d:85:4b:0a:5f:60:38:
18:c0:1f:83:41:23:92:82:33:f9:96:5c:51:74:10:
89:ca:13:d2:e8:a2:86:9f:88:2a:d9:70:dd:8a:d8:
c7:24:b8:56:b5:53:9a:15:27:a1:70:76:56:6f:55:
17:96:fe:47:64:5b:3e:88:09:f9:27:30:b4:ac:ce:
32:09:e0:d0:2c:26:46:a6:38:db:73:7a:05:33:2d:
87:be:66:b0:4d:23:34:8b:0e:a9:76:bf:bd:d7:3b:
2a:ea:20:8b:5c:ea:33:48:83:7a:7a:4d:d7:02:48:
39:e7:8c:57:86:5d:74:0b:0f:7a:ae:50:3d:65:94:
f9:e5:c6:c5:5d:bb:8e:83:2b:aa:32:e6:e0:44:d1:
ff:1d:0b:07:34:1f:67:e2:4d:b8:fe:52:00:38:7b:
cf:9c:5c:3f:c9:1e:72:bf:60:15:34:b9:7b:f2:11:
67:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:20:E3:BB:01:44:22:56:FB:13:7F:18:64:86:CA:E0:A4:07:FF:31
X509v3 Authority Key Identifier:
keyid:F9:C3:63:80:59:F8:64:E8:4A:E3:BF:50:DA:AC:07:9C:68:46:3E:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/-cNjgFn4ZOhK479Q2qwHnGhGPqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-cNjgFn4ZOhK479Q2qwHnGhGPqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919DB2F/EF59CEC40ADA11EC95F5F678C4F9AE02/A8168B4E0ADD11EC8109AE1EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.80.0/23
IPv6:
2001:df7:6680::/48
2400:8da0:ea00::/44
Signature Algorithm: sha256WithRSAEncryption
47:cb:05:c5:93:96:b8:07:bd:77:3f:36:65:d4:91:b5:7f:7f:
1a:9b:19:19:1a:54:7b:23:07:c9:7e:81:bd:6f:4f:81:7b:53:
a1:75:d4:27:e5:b6:8f:2e:24:10:15:78:b9:3f:1f:bf:18:2c:
b9:11:f4:85:fa:87:d7:7d:b7:c1:42:de:f7:26:9a:8d:55:66:
eb:eb:c5:78:33:44:27:46:f8:ef:e9:76:37:a5:b6:ae:54:11:
73:d8:8b:54:25:a7:c8:68:fe:70:93:75:b9:e2:f8:4e:5c:2b:
47:63:a3:b4:60:60:b8:29:d1:89:f6:6b:85:37:b3:5c:d2:ea:
03:47:1f:9c:a4:ae:ea:3f:73:83:3e:7f:e6:77:ee:f4:92:c1:
e2:c0:6f:7f:5b:21:c8:d0:3f:82:cf:d0:95:38:ac:a8:ac:5c:
f9:05:eb:d8:a5:7d:5b:79:47:f4:e6:72:66:3a:53:c4:48:c6:
b4:03:08:06:4c:87:d5:ef:7f:ab:ff:a6:33:e8:73:50:1a:6c:
aa:3a:32:7f:e8:a1:57:29:8b:20:e4:8a:b8:55:2c:b7:18:5f:
7d:27:b0:55:bf:4c:d6:bc:68:0c:39:0c:fc:7a:0e:34:07:54:
51:e1:d6:2a:26:44:3c:6e:0b:f7:1f:b2:2e:c6:cd:ed:8e:52:
56:d1:eb:52
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OURCMkYxMTAvBgNVBAUTKEY5QzM2MzgwNTlGODY0RTg0QUUzQkY1MERBQUMwNzlD
Njg0NjNFQTcwHhcNMjIwNzA4MTY1MTIzWhcNMjIxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmM4NjA4Yi1lZTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAom9a6IEBGG5HPu3oRPyoY4zcevPYULXsvnx4Crkifl5XHg4Xvt1tICXjWAmF
yB6auSERZ8rcKHeZWJSN+9iH0c/M6MEmdtxIRoBVltiZSWq0T42FSwpfYDgYwB+D
QSOSgjP5llxRdBCJyhPS6KKGn4gq2XDditjHJLhWtVOaFSehcHZWb1UXlv5HZFs+
iAn5JzC0rM4yCeDQLCZGpjjbc3oFMy2HvmawTSM0iw6pdr+91zsq6iCLXOozSIN6
ek3XAkg554xXhl10Cw96rlA9ZZT55cbFXbuOgyuqMubgRNH/HQsHNB9n4k24/lIA
OHvPnFw/yR5yv2AVNLl78hFnAwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFAYg47sB
RCJW+xN/GGSGyuCkB/8xMB8GA1UdIwQYMBaAFPnDY4BZ+GToSuO/UNqsB5xoRj6n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5REIyRi9FRjU5Q0VDNDBB
REExMUVDOTVGNUY2NzhDNEY5QUUwMi8tY05qZ0ZuNFpPaEs0NzlRMnF3SG5HaEdQ
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1jTmpnRm40Wk9oSzQ3OVEycXdIbkdoR1BxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OURCMkYvRUY1OUNFQzQwQURBMTFFQzk1RjVGNjc4QzRGOUFFMDIvQTgxNjhCNEUw
QUREMTFFQzgxMDlBRTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAFnrFAwGAQCAAIwEgMHACABDfdmgAMHBCQAjaDqADANBgkq
hkiG9w0BAQsFAAOCAQEAR8sFxZOWuAe9dz82ZdSRtX9/GpsZGRpUeyMHyX6BvW9P
gXtToXXUJ+W2jy4kEBV4uT8fvxgsuRH0hfqH1323wULe9yaajVVm6+vFeDNEJ0b4
7+l2N6W2rlQRc9iLVCWnyGj+cJN1ueL4TlwrR2OjtGBguCnRifZrhTezXNLqA0cf
nKSu6j9zgz5/5nfu9JLB4sBvf1shyNA/gs/QlTisqKxc+QXr2KV9W3lH9OZyZjpT
xEjGtAMIBkyH1e9/q/+mM+hzUBpsqjoyf+ihVymLIOSKuFUstxhffSewVb9M1rxo
DDkM/HoONAdUUeHWKiZEPG4L9x+yLsbN7Y5SVtHrUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:35 2024 by rpki-client on console-fra.rpki-client.org